Command injection

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request to test if email credentials and hostname sent to the device work...

EUVD-2017-17363

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request to test if email credentials and hostname sent to the device work...

CVE-2017-8408

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the GET parameters passed in this request to test if SMB credentials and hostname sent to the device work proper...

CVE-2017-8408

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the GET parameters passed in this request to test if SMB credentials and hostname sent to the device work proper...

PT-2019-8631 · D Link · D-Link Dcs-1130

Name of the Vulnerable Software and Affected Versions: D-Link DCS-1130 devices affected versions not specified Description: An issue was discovered on D-Link DCS-1130 devices, where the device provides a user with the capability of setting a SMB folder for the video clippings recorded by the...

CVE-2017-8331

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new port forwarding rules to the device. It seems that the POST parameters passed in this request to set up routes on the device can be set ...

CVE-2017-8331

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of adding new port forwarding rules to the device. It seems that the POST parameters passed in this request to set up routes on the device can be set ...

CVE-2017-8331

CVE-2017-8331 affects Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The flaw in the port-forwarding feature allows crafted POST input to reach a system() call via the goahead binary (MIPS little-endian), where the POST parameter ip_address/ipaddress is extracted and con...

The vulnerability of the Qualcomm GNSS API component in the Android operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Qualcomm GNSS API in the Android operating system is related to errors in pointer arithmetic. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

CVE-2017-1000451

fs-git is a file system like api for git repository. The fs-git version 1.0.1 module relies on childprocess.exec, however, the buildCommand method used to construct exec strings does not properly sanitize data and is vulnerable to command injection across all methods that use it and call exec...

chromium-browser: SafeBrowsing bypass

The FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL...

Google Chrome < 35.0.1916.153 Multiple Vulnerabilities (Mac OS X)

The version of Google Chrome installed on the remote Mac OS X host is a version prior to 35.0.1916.153. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist in the file system API. CVE-2014-3154 - An out-of-bounds read error exists related to SPDY...

Modify the PHP core Backdoor implementation-vulnerability warning-the black bar safety net

Developing A PHP Core Backdoor Author: wofeiwo/I non-I wofeiwoatgmaildotcom Directory 1Foreword 2The advantages and disadvantages of 3design 4functions to achieve 5reference to documents 6some description 1Foreword PHP is a very popular web server side script language. At present, many web...

Windows NT file function DoS

It may be possible to crash application using one of system APi function with oversized filename...